package com.wisezone.studentmanager.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

import com.wisezone.studentmanager.model.User;
import com.wisezone.studentmanager.util.LogerTest;
import com.wisezone.studentmanager.utils.WebContext;
/**
 * 统一登录验证
 *
 * @author zhousir
 * @创建时间 2017年10月19日
 */
public class LoginFilter implements Filter {
	private static Logger logger = LogManager.getLogger(LoginFilter.class);    
	private List<String> uriLists = new ArrayList<>();
	
	public void init(FilterConfig fConfig) throws ServletException {
		String noUri = fConfig.getInitParameter("noUri");  //从web.xml读取配置
		logger.debug("noUri :"+noUri);
		
		String[] uriArrays = noUri.split(";");
		for(String uri: uriArrays){
			uriLists.add(uri);
		}
	}
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest req = (HttpServletRequest)request;
		HttpServletResponse res = (HttpServletResponse)response;
		
		String uri = req.getRequestURI(); //"http://localhost/sm/login.jsp?mesage=ad";
		logger.debug("uri :"+uri);
		//1. 不需要登录验证处理
		if(passLoginValidate(uri) == true){
//			logger.debug(uri+"直接放行");
			chain.doFilter(request, response); //直接放行
			return;
		}
		
		//2. 统一登录验证处理
		if(isLoginValidate(req,res) == true){
			logger.debug(uri+"没有登录，重定向到登录界面");
//			res.sendRedirect("login.jsp?isLogin=false"); //没有登录，重定向到登录界面
			request.setAttribute("message", "您还没有登录，请先登录！");
			WebContext.foward("login/login", req, res);
			return;
		}
		
		//3. 用户已经登录正常放行
		logger.debug(uri+"用户已经登录正常放行");
		chain.doFilter(request, response);
	}

	public void destroy() {
	}
	
	/**
	 * 请求uri是否需要登录验证
	 * @param uri :"http://localhost/sm/login.jsp";
	 * @return  false:需要验证 true:不需要验证
	 */
	public boolean passLoginValidate(String uri){
		boolean isPass = false;
		int index = uri.indexOf("?");
		if(index != -1){
			uri = uri.substring(0,index); //"http://localhost/sm/login.jsp";
		}
		for(String u : uriLists){
			if(uri.endsWith(u)){
				isPass = true;
				break;
			}
		}
		
		return isPass;
	}
	/**
	 * 请求uri是否已经登录验证 
	 * @param req
	 * @param res
	 * @return false:登录  true:未登录
	 */
	public boolean isLoginValidate(HttpServletRequest req,HttpServletResponse res){
		boolean isLogin = false;
		HttpSession session = req.getSession();
		User user = (User) session.getAttribute("user");
		//没有登录 
		if(user == null){
			isLogin = true;
		}
		return isLogin;
	}

}
